Company

Information Security and Compliance

Security Engineer, Security Operation & Vulnerability Monitoring

Sofia, Bulgaria FULL TIME Remote Friendly

The Brief

“Security Engineer, Security Operation & Vulnerability Monitoring. Skills: Security Operations, Vulnerability Management, Incident Response, Cloud Security, AI and Automation in Security. Threat Monitoring Investigations. Deep dive into Tier 1 & Tier 2 security operations escalations”

What You'll Achieve.

enhancing our security technology stack; building AI driven security automation workflows; contributing to security operations; building a modern, multi-cloud, intelligence driven security operations capability; accelerate response times; minimize exposure; identify exploitation attempts; bridge visibility gaps throughout the patching lifecycle; drive containment, mitigation and other security outcomes

Industry & Context.

Information Security and Compliance
Problems you'll solve

root cause analysis; autonomous threat reasoning; technical impact assessments; validating compensating controls

Eligibility Requirements

On-call is required

What They're Looking For.

Must Have

2-5 years of experience in Information Security, technical hands-on experience in Security Operations, technical hands-on experience in Security Engineering, technical hands-on experience in Digital Forensics, technical hands-on experience in Incident Response, technical hands-on experience in Endpoint Security, technical hands-on experience in Cloud Security, Experience in AI-augmented software development using tools like Claude Code, Codex, and Gemini, deep understanding of LLM methodologies and integration workflows, Working Experience with SIEM, Working Experience with EPP/EDR/XDR, Working Experience with SOAR, Working Experience with Cloud Security (CSPM, Container Security, etc), Working Experience with Digital Forensics software & tools, Working experience with Cloud environments like AWS, Azure and GCP, Experience in using scripting languages to automate tasks and manipulate data or programming experience, Proficiency in verbal and written English, On-call is required

Nice to Have

AI driven security automation workflows, modern, multi-cloud, intelligence driven security operations capability, agentic SOC, AI-driven agents for autonomous threat reasoning and triage, custom scripts, SOAR playbooks, Cloud Security Posture Management (CSPM), Container Security, Native Cloud Security Enhancements (AWS, Azure, GCP), Runtime Vulnerability Management, Endpoint Security enhancements, Threat Hunting, Compromise Assessments, Network/Endpoint/Cloud security reviews

What You'll Do.

Threat Monitoring Investigations

Deep dive into Tier 1 & Tier 2 security operations escalations

performing incident triage and root cause analysis

performing investigations using open source and proprietary tools

Contribute to building an agentic SOC

deploying AI-driven agents for autonomous threat reasoning and triage

Orchestrate automation workflows from initial detection to containment

utilizing custom scripts and SOAR playbooks to accelerate response times

Vulnerability Management & Response

Lead rapid response initiatives for zero-day vulnerabilities

conducting technical impact assessments and validating compensating controls to minimize exposure

Engineer multi-layered detection opportunities across the security stack to identify exploitation attempts and bridge visibility gaps throughout the patching lifecycle

take the lead and provide guidance during investigations and incidents to pivot the investigation

mitigation and other security outcomes

Lead projects and initiatives

How You'll Work.

Team & Collaboration

join our Global Cybersecurity Services Team; contributing to security operations; provide guidance during investigations and incidents

Communication Scope

Proficiency in verbal and written English

Process & Methodology

Lead projects and initiatives

Full Job Description

## Description

We are looking for an intermediate level security specialist to join our Global Cybersecurity Services Team. As part of our modern cybersecurity operating model, the role will be engaged in enhancing our security technology stack, building AI driven security automation workflows and contributing to security operations.

We are building a modern, multi-cloud, intelligence driven security operations capability that will heavily involve AI and automation; and will require engineering and operational skills at all levels.

## Responsibilities

- Threat Monitoring Investigations: Deep dive into Tier 1 & Tier 2 security operations escalations, performing incident triage and root cause analysis. Proficient in performing investigations using open source and proprietary tools, including but not limited to EPP/EDR/XDR software, Digital Forensics tools/software, SIEM platforms, etc.
- AI & Automation: Contribute to building an agentic SOC by deploying AI-driven agents for autonomous threat reasoning and triage. Orchestrate automation workflows from initial detection to containment, utilizing custom scripts and SOAR playbooks to accelerate response times.
- Vulnerability Management & Response: Lead rapid response initiatives for zero-day vulnerabilities by conducting technical impact assessments and validating compensating controls to minimize exposure. Engineer multi-layered detection opportunities across the security stack to identify exploitation attempts and bridge visibility gaps throughout the patching lifecycle.
- Incident Response: Proficient in end-to-end Incident Response. Able to take the lead and provide guidance during investigations and incidents to pivot the investigation, drive containment, mitigation and other security outcomes. Proficient in cloud-native detection and CNAPP platforms.
- Security Projects: Lead projects and initiatives that may involve Cloud Security Posture Management (CSPM), Container Security, Native Cloud Security Enhancements
